1. Field of the Invention
The invention relates to a method for safeguarding data traffic between a first terminal and a first network and a second terminal and a second network. The invention also relates to a corresponding first and a corresponding second terminal, with which such a method can be implemented.
2. Description of the Related Art
Users of mobile telephones today have to be able to access not just a mobile radio network but also further networks, e.g. the internet, via a suitable access network. In the case of internet access it is particularly desirable for the transmitted data to be displayed not on the mobile telephone itself but on a further terminal, e.g. a laptop.
Methods are known with which a first terminal in the form of a mobile telephone, containing a SIM or USIM module (SIM=Subscriber Identity Module; USIM=Universal Subscriber Identity Module), connects via a local interface to a second terminal in the form of a laptop, the laptop allowing access to a further network, e.g. a WLAN network and/or the internet. The second terminal is hereby authenticated to the further network via an authentication protocol, the protocol using keys that originate from the SIM or USIM module. Suitable authentication protocols include, for example, the following: EAP-SIM (EAP=Extensible Authentication Protocol; SIM=Subscriber Identity Module; see H. Haverinen et al., “EAP SIM Authentication”, internet draft, draft-haverinen-pppext-eap-sim-12, October 2003) or EAP-AKA (EAP=Extensible Authentication Protocol; AKA=Authentication and Key Agreement; see J. Arkko et al., “EAP AKA Authentication”, internet draft, draft-arkko-pppext-eap-aka-11, October 2003). The protocol EAP-SIM is hereby used for GSM mobile telephones and the protocol EAP-AKA is used for UMTS mobile telephones.
The authentication protocols EAP-SIM and EAP-AKA require both communication with the network and involvement of the SIM or USIM module in the authentication. This means that both the second terminal and the first terminal are involved in the execution of the authentication protocol. An exchange of data is therefore required between the second terminal and the first terminal via a local interface, e.g. a Bluetooth interface. Authentication data is transmitted via this interface using a suitable profile. From the known art, Bluetooth profiles in particular, e.g. the Bluetooth SIM Access Profile (see “SIM access via ‘SIM Access Profile’ and Bluetooth link”, contribution S3-030436 to the 3GPP meeting SA3#29, San Francisco, 15-18 Jul. 2003; revised text of version 0.95VD_d, attachment att2), are known to be suitable profiles. First session keys, which are actually used for communication between the mobile telephone and the corresponding mobile radio network, are transmitted via the local interface. These first session keys are then used in the second terminal to calculate new session keys, with which the authentication via the authentication protocol operates. A problem here is that the first session keys become known in the second terminal. This means that an attacker who gains control of the second terminal also has access to the first session keys and can impersonate the user of the first terminal, for example making calls at the user's expense in the first network.
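To make the key flow described above concrete, the following Python illustration is added here and is not part of the patent text: it computes the EAP-SIM master key MK from GSM Kc values (derivation as standardized in RFC 4186, assumed to match the draft cited above; all Kc, nonce and identity values are constructed samples) and records which secrets the second terminal ends up holding in the related-art flow, against an illustrative contrast in which the phone derives MK itself, which is not the method of this patent.

```python
import hashlib
import struct
from dataclasses import dataclass, field

# Constructed sample values (not from the patent or any real subscriber):
# two GSM Kc keys (64 bits each), the EAP-SIM NONCE_MT, a placeholder identity.
SAMPLE_KC = [bytes.fromhex("0123456789abcdef"), bytes.fromhex("fedcba9876543210")]
SAMPLE_NONCE_MT = bytes(range(16))
SAMPLE_IDENTITY = b"1234567890@example.net"  # placeholder NAI
VERSION_LIST = [1]                            # EAP-SIM version 1 only
SELECTED_VERSION = 1


def eap_sim_master_key(identity, kc_list, nonce_mt, version_list, selected_version):
    """MK = SHA1(Identity | n*Kc | NONCE_MT | Version List | Selected Version),
    the EAP-SIM derivation of RFC 4186 (assumed to match the cited draft)."""
    versions = b"".join(struct.pack("!H", v) for v in version_list)
    data = (identity + b"".join(kc_list) + nonce_mt + versions
            + struct.pack("!H", selected_version))
    return hashlib.sha1(data).digest()


@dataclass
class SecondTerminal:
    """Model of the laptop: records every secret that crossed the local interface."""
    received: dict = field(default_factory=dict)


def related_art_flow(laptop):
    """Flow described in the text: the raw Kc values cross the Bluetooth link and
    the laptop derives MK itself, so the laptop now holds the network keys."""
    laptop.received["kc"] = list(SAMPLE_KC)
    return eap_sim_master_key(SAMPLE_IDENTITY, laptop.received["kc"],
                              SAMPLE_NONCE_MT, VERSION_LIST, SELECTED_VERSION)


def derive_on_phone_flow(laptop):
    """Contrast for illustration only (not the patent's method): the phone performs
    the one-way derivation and only MK crosses the link; Kc never reaches the laptop."""
    mk = eap_sim_master_key(SAMPLE_IDENTITY, SAMPLE_KC,
                            SAMPLE_NONCE_MT, VERSION_LIST, SELECTED_VERSION)
    laptop.received["mk"] = mk
    return mk


def laptop_holds_network_keys(laptop):
    """Risk check from the text: would compromise of the laptop expose keys that
    are valid for the subscriber's traffic in the mobile radio network?"""
    return "kc" in laptop.received
```

Both flows yield the same MK for the EAP-SIM authentication; they differ only in whether the Kc keys valid in the mobile radio network are exposed on the second terminal.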